DMVPN Configuration Using FQDN

First Published: July 9, 2010

Last Updated: July 9, 2010

The DMVPN Configuration Using FQDN feature enables next hop clients (NHCs) to register with the next hop server (NHS).

This feature allows you to configure a fully qualified domain name (FQDN) for the nonbroadcast multiple access network (NBMA) address of the hub (NHS) on the spokes (NHCs). The spokes resolve the FQDN to an IP address using the DNS service and register with the hub using the newly resolved address. This allows spokes to dynamically locate the IP address of the hub using the FQDN.

With this feature, spokes need not configure the protocol address of the hub. Spokes learn the protocol address of the hub dynamically from the NHRP registration reply of the hub. According to RFC 2332, the hub to which the NHRP registration was sent responds with its own protocol address in the NHRP registration reply and hence the spokes learn the protocol address of the hub from the NHRP registration reply packet.

In Cisco IOS Release 15.1(2)T and earlier releases, in Dynamic Multipoint VPN (DMVPN), NHS NBMA addresses were configured with either IPv4 or IPv6 addresses. Because the NHS was configured to receive a dynamic NBMA address, it was difficult for NHCs to get the updated NBMA address and register with the NHS. This limitation is addressed with the DMVPN Configuration Using FQDN feature. This feature allows the NHC to use an FQDN instead of an IP address to configure the NBMA address and register with the NHS dynamically.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for DMVPN Configuration Using FQDN" section.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Information About DMVPN Configuration Using FQDN

DNS Functionality

A Domain Name System (DNS) client communicates with a DNS server to translate a hostname to an IP address.

The intermediate DNS server or the DNS client on the route enters the FQDN DNS reply from the DNS server into the cache for a lifetime. If the DNS client receives another query before the lifetime expires, the DNS client uses the entry information from the cache. If the cache expires, the DNS client queries the DNS server. If the NBMA address of the NHS changes frequently, the DNS entry lifetime must be short, otherwise the spokes may take some time before they start using the new NBMA address for the NHS.
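The effect of the cache lifetime on how long a spoke keeps using an old hub address can be modelled as follows. This is an added example, not Cisco code: the resolver class, the addresses, the FQDN `hub.example.com` and the assumption that the spoke re-resolves every 10 seconds are all constructed for illustration.

```python
from dataclasses import dataclass

OLD_NBMA, NEW_NBMA = "192.0.2.10", "192.0.2.20"  # constructed sample addresses

@dataclass
class CacheEntry:
    address: str
    expires_at: int  # absolute time in seconds

class SpokeResolver:
    """Caching DNS client on a spoke; `server` stands in for the DNS server."""

    def __init__(self, server):
        self.server = server  # callable(fqdn, now) -> (address, lifetime)
        self.cache = {}
        self.server_queries = 0

    def resolve(self, fqdn, now):
        entry = self.cache.get(fqdn)
        if entry and now < entry.expires_at:
            return entry.address  # lifetime not expired: answer from cache
        address, lifetime = self.server(fqdn, now)
        self.server_queries += 1
        self.cache[fqdn] = CacheEntry(address, now + lifetime)
        return address

def stale_seconds(lifetime, change_at, retry_every=10, horizon=3600):
    """Seconds after the hub's NBMA change that the spoke still uses the old address."""
    def server(fqdn, now):
        return (OLD_NBMA if now < change_at else NEW_NBMA, lifetime)

    spoke = SpokeResolver(server)
    for now in range(0, horizon, retry_every):
        if spoke.resolve("hub.example.com", now) == NEW_NBMA:
            return now - change_at
    return None  # never converged within the horizon

if __name__ == "__main__":
    for lifetime in (600, 60, 30):
        print(f"lifetime {lifetime:>3}s -> stale for {stale_seconds(lifetime, 130)}s")
```

The stale window is bounded by the entry lifetime, which is why a frequently changing NHS NBMA address calls for a short lifetime.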

DNS Server Deployment Scenarios

A DNS server can be located either in a hub network or outside a hub and spoke network.

Following are the four DNS server load balancing models:

•Round robin—Each DNS request is assigned an IP address sequentially from the list of IP addresses configured for an FQDN.

•Weighted round robin—This is similar to round-robin load balancing except that the IP addresses are assigned weights, and nodes with higher weights can take more load or traffic.

•Geography or network—Geography-based load balancing allows the requests to be directed to the optimal node that is geographically the nearest or the most efficient to the requester.

•Failover—Failover load balancing sends all requests to a single host until the load balancer determines a particular node to be no longer available. It then directs traffic to the next node available in the list.
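The four models above, sketched as answer-selection policies for a single hub FQDN. This is an added example, not Cisco code: the hub records, weights and region labels are constructed, and the geography model is simplified to an exact region match with a fallback to the first hub.

```python
from collections import Counter
from itertools import cycle

# Constructed records for one hub FQDN; addresses are documentation ranges.
HUBS = [
    {"addr": "192.0.2.1", "weight": 3, "region": "eu", "up": True},
    {"addr": "192.0.2.2", "weight": 1, "region": "us", "up": True},
    {"addr": "192.0.2.3", "weight": 1, "region": "ap", "up": True},
]

def round_robin(hubs):
    """Yield addresses sequentially from the configured list, forever."""
    return cycle([h["addr"] for h in hubs])

def weighted_round_robin(hubs):
    """Round robin in which a hub appears once per unit of weight."""
    return cycle([h["addr"] for h in hubs for _ in range(h["weight"])])

def geographic(hubs, spoke_region):
    """Answer with the hub in the requester's region, else the first hub."""
    nearest = [h for h in hubs if h["region"] == spoke_region]
    return (nearest or hubs)[0]["addr"]

def failover(hubs):
    """Answer with the first hub in list order that is still available."""
    return next((h["addr"] for h in hubs if h["up"]), None)

def spokes_per_hub(answers, spoke_count):
    """Count how many of spoke_count successive queries land on each hub."""
    return Counter(next(answers) for _ in range(spoke_count))

if __name__ == "__main__":
    print("round robin      ", dict(spokes_per_hub(round_robin(HUBS), 9)))
    print("weighted         ", dict(spokes_per_hub(weighted_round_robin(HUBS), 10)))
    print("geographic (us)  ", geographic(HUBS, "us"))
    degraded = [dict(h, up=(h["addr"] != "192.0.2.1")) for h in HUBS]
    print("failover, .1 down", failover(degraded))
```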

Configuring a DNS Server on a Spoke

Perform this task to configure a DNS server on a spoke. You must perform this task only if you want to resolve FQDN using an external DNS server.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip name-server ip-address

4. exit

DETAILED STEPS

Step 1
Command or Action: enable
Example: Router> enable
Purpose: Enables privileged EXEC mode.
•Enter your password if prompted.

Step 2
Command or Action: configure terminal
Example: Router# configure terminal
Purpose: Enters global configuration mode.

Step 3
Command or Action: ip name-server ip-address
Example: Router(config)# ip name-server 192.0.2.1
Purpose: Configures a DNS server on a spoke.

Step 4
Command or Action: exit
Example: Router(config)# exit
Purpose: Exits global configuration mode.

Configuring a DNS Server

Perform this task to configure a DNS server. You must perform the configuration on a DNS server.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip dns server

4. ip host hostname ip-address

5. exit

DETAILED STEPS

Step 1
Command or Action: enable
Example: Router> enable
Purpose: Enables privileged EXEC mode.
•Enter your password if prompted.

Step 2
Command or Action: configure terminal
Example: Router# configure terminal
Purpose: Enters global configuration mode.

Step 3
Command or Action: ip dns server
Example: Router(config)# ip dns server
Purpose: Enables a DNS server.

Step 4
Command or Action: ip host hostname ip-address
Example: Router(config)# ip host host1.example.com 192.0.2.2
Purpose: Maps an FQDN (hostname) with the IP address in the DNS hostname cache for a DNS view.
Note Configure the ip host command on a DNS server if you have configured a DNS server on the spoke, and configure the command on the spoke if you have not configured a DNS server on the spoke. See the "Configuring a DNS Server on a Spoke" section.

Step 5
Command or Action: exit
Example: Router(config)# exit
Purpose: Exits global configuration mode.

Configuring an FQDN with a Protocol Address

Perform this task to configure an FQDN with a protocol address. You must know the protocol address of the NHS while you are configuring the FQDN. This configuration registers the spoke with a hub using NBMA.

RFCs

RFC: RFC 2332
Title: NBMA Next Hop Resolution Protocol (NHRP)

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

Feature Information for DMVPN Configuration Using FQDN

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Note Table 1 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Table 1 Feature Information for DMVPN Configuration Using FQDN

Feature Name: DMVPN Configuration Using FQDN
Releases: 15.1(2)T
Feature Information: The DMVPN Configuration Using FQDN feature enables the NHC to register with the NHS. It uses the NHRP without using the protocol address of the NHS.
